| Manuel Pégourié-Gonnard | 36ae06b | 2024-10-01 13:19:04 +0200 | [diff] [blame] | 1 | # all-helpers.sh | 
|  | 2 | # | 
|  | 3 | # Copyright The Mbed TLS Contributors | 
|  | 4 | # SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later | 
|  | 5 |  | 
| Manuel Pégourié-Gonnard | 327edec | 2024-10-09 11:18:43 +0200 | [diff] [blame] | 6 | # This file contains helpers for test components that are executed by all.sh. | 
|  | 7 | # See "Files structure" in all-core.sh for other files used by all.sh. | 
|  | 8 | # | 
|  | 9 | # This file is the right place for helpers: | 
|  | 10 | # - that are used by more than one component living in more than one file; | 
|  | 11 | # - or (inclusive) that we want to share accross repos or branches. | 
|  | 12 | # | 
|  | 13 | # Helpers that are used in a single component file that is | 
|  | 14 | # repo&branch-specific can be defined in the file where they are used. | 
| Manuel Pégourié-Gonnard | 36ae06b | 2024-10-01 13:19:04 +0200 | [diff] [blame] | 15 |  | 
|  | 16 | ################################################################ | 
|  | 17 | #### Helpers for components using libtestdriver1 | 
|  | 18 | ################################################################ | 
|  | 19 |  | 
|  | 20 | # How to use libtestdriver1 | 
|  | 21 | # ------------------------- | 
|  | 22 | # | 
|  | 23 | # 1. Define the list algorithms and key types to accelerate, | 
|  | 24 | #    designated the same way as PSA_WANT_ macros but without PSA_WANT_. | 
|  | 25 | #    Examples: | 
|  | 26 | #      - loc_accel_list="ALG_JPAKE" | 
|  | 27 | #      - loc_accel_list="ALG_FFDH KEY_TYPE_DH_KEY_PAIR KEY_TYPE_DH_PUBLIC_KEY" | 
|  | 28 | # 2. Make configurations changes for the driver and/or main libraries. | 
|  | 29 | #    2a. Call helper_libtestdriver1_adjust_config <base>, where the argument | 
|  | 30 | #        can be either "default" to start with the default config, or a name | 
|  | 31 | #        supported by scripts/config.py (for example, "full"). This selects | 
|  | 32 | #        the base to use, and makes common adjustments. | 
|  | 33 | #    2b. If desired, adjust the PSA_WANT symbols in psa/crypto_config.h. | 
|  | 34 | #        These changes affect both the driver and the main libraries. | 
|  | 35 | #        (Note: they need to have the same set of PSA_WANT symbols, as that | 
|  | 36 | #        determines the ABI between them.) | 
|  | 37 | #    2c. Adjust MBEDTLS_ symbols in mbedtls_config.h. This only affects the | 
|  | 38 | #        main libraries. Typically, you want to disable the module(s) that are | 
|  | 39 | #        being accelerated. You may need to also disable modules that depend | 
|  | 40 | #        on them or options that are not supported with drivers. | 
|  | 41 | #    2d. On top of psa/crypto_config.h, the driver library uses its own config | 
|  | 42 | #        file: tests/include/test/drivers/config_test_driver.h. You usually | 
|  | 43 | #        don't need to edit it: using loc_extra_list (see below) is preferred. | 
|  | 44 | #        However, when there's no PSA symbol for what you want to enable, | 
|  | 45 | #        calling scripts/config.py on this file remains the only option. | 
|  | 46 | # 3. Build the driver library, then the main libraries, test, and programs. | 
|  | 47 | #    3a. Call helper_libtestdriver1_make_drivers "$loc_accel_list". You may | 
|  | 48 | #        need to enable more algorithms here, typically hash algorithms when | 
|  | 49 | #        accelerating some signature algorithms (ECDSA, RSAv2). This is done | 
|  | 50 | #        by passing a 2nd argument listing the extra algorithms. | 
|  | 51 | #        Example: | 
|  | 52 | #          loc_extra_list="ALG_SHA_224 ALG_SHA_256 ALG_SHA_384 ALG_SHA_512" | 
|  | 53 | #          helper_libtestdriver1_make_drivers "$loc_accel_list" "$loc_extra_list" | 
|  | 54 | #    3b. Call helper_libtestdriver1_make_main "$loc_accel_list". Any | 
|  | 55 | #        additional arguments will be passed to make: this can be useful if | 
|  | 56 | #        you don't want to build everything when iterating during development. | 
|  | 57 | #        Example: | 
|  | 58 | #          helper_libtestdriver1_make_main "$loc_accel_list" -C tests test_suite_foo | 
|  | 59 | # 4. Run the tests you want. | 
|  | 60 |  | 
|  | 61 | # Adjust the configuration - for both libtestdriver1 and main library, | 
|  | 62 | # as they should have the same PSA_WANT macros. | 
|  | 63 | helper_libtestdriver1_adjust_config() { | 
|  | 64 | base_config=$1 | 
|  | 65 | # Select the base configuration | 
|  | 66 | if [ "$base_config" != "default" ]; then | 
|  | 67 | scripts/config.py "$base_config" | 
|  | 68 | fi | 
|  | 69 |  | 
|  | 70 | # Enable PSA-based config (necessary to use drivers) | 
|  | 71 | scripts/config.py set MBEDTLS_PSA_CRYPTO_CONFIG | 
|  | 72 |  | 
|  | 73 | # Dynamic secure element support is a deprecated feature and needs to be disabled here. | 
|  | 74 | # This is done to have the same form of psa_key_attributes_s for libdriver and library. | 
|  | 75 | scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C | 
|  | 76 |  | 
|  | 77 | # If threading is enabled on the normal build, then we need to enable it in the drivers as well, | 
|  | 78 | # otherwise we will end up running multithreaded tests without mutexes to protect them. | 
|  | 79 | if scripts/config.py get MBEDTLS_THREADING_C; then | 
|  | 80 | scripts/config.py -f "$CONFIG_TEST_DRIVER_H" set MBEDTLS_THREADING_C | 
|  | 81 | fi | 
|  | 82 |  | 
|  | 83 | if scripts/config.py get MBEDTLS_THREADING_PTHREAD; then | 
|  | 84 | scripts/config.py -f "$CONFIG_TEST_DRIVER_H" set MBEDTLS_THREADING_PTHREAD | 
|  | 85 | fi | 
|  | 86 | } | 
|  | 87 |  | 
|  | 88 | # Build the drivers library libtestdriver1.a (with ASan). | 
|  | 89 | # | 
|  | 90 | # Parameters: | 
|  | 91 | # 1. a space-separated list of things to accelerate; | 
|  | 92 | # 2. optional: a space-separate list of things to also support. | 
|  | 93 | # Here "things" are PSA_WANT_ symbols but with PSA_WANT_ removed. | 
|  | 94 | helper_libtestdriver1_make_drivers() { | 
|  | 95 | loc_accel_flags=$( echo "$1 ${2-}" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' ) | 
|  | 96 | make CC=$ASAN_CC -C tests libtestdriver1.a CFLAGS=" $ASAN_CFLAGS $loc_accel_flags" LDFLAGS="$ASAN_CFLAGS" | 
|  | 97 | } | 
|  | 98 |  | 
|  | 99 | # Build the main libraries, programs and tests, | 
|  | 100 | # linking to the drivers library (with ASan). | 
|  | 101 | # | 
|  | 102 | # Parameters: | 
|  | 103 | # 1. a space-separated list of things to accelerate; | 
|  | 104 | # *. remaining arguments if any are passed directly to make | 
|  | 105 | #    (examples: lib, -C tests test_suite_xxx, etc.) | 
|  | 106 | # Here "things" are PSA_WANT_ symbols but with PSA_WANT_ removed. | 
|  | 107 | helper_libtestdriver1_make_main() { | 
|  | 108 | loc_accel_list=$1 | 
|  | 109 | shift | 
|  | 110 |  | 
|  | 111 | # we need flags both with and without the LIBTESTDRIVER1_ prefix | 
|  | 112 | loc_accel_flags=$( echo "$loc_accel_list" | sed 's/[^ ]* */-DLIBTESTDRIVER1_MBEDTLS_PSA_ACCEL_&/g' ) | 
|  | 113 | loc_accel_flags="$loc_accel_flags $( echo "$loc_accel_list" | sed 's/[^ ]* */-DMBEDTLS_PSA_ACCEL_&/g' )" | 
|  | 114 | make CC=$ASAN_CC CFLAGS="$ASAN_CFLAGS -I../tests/include -I../tests -I../../tests -DPSA_CRYPTO_DRIVER_TEST -DMBEDTLS_TEST_LIBTESTDRIVER1 $loc_accel_flags" LDFLAGS="-ltestdriver1 $ASAN_CFLAGS" "$@" | 
|  | 115 | } | 
|  | 116 |  | 
|  | 117 | ################################################################ | 
|  | 118 | #### Helpers for components using psasim | 
|  | 119 | ################################################################ | 
|  | 120 |  | 
|  | 121 | # Set some default values $CONFIG_H in order to build server or client sides | 
|  | 122 | # in PSASIM. There is only 1 mandatory parameter: | 
|  | 123 | # - $1: target which can be "client" or "server" | 
|  | 124 | helper_psasim_config() { | 
|  | 125 | TARGET=$1 | 
|  | 126 |  | 
|  | 127 | if [ "$TARGET" == "client" ]; then | 
|  | 128 | scripts/config.py full | 
|  | 129 | scripts/config.py unset MBEDTLS_PSA_CRYPTO_C | 
|  | 130 | scripts/config.py unset MBEDTLS_PSA_CRYPTO_STORAGE_C | 
|  | 131 | # Dynamic secure element support is a deprecated feature and it is not | 
|  | 132 | # available when CRYPTO_C and PSA_CRYPTO_STORAGE_C are disabled. | 
|  | 133 | scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C | 
|  | 134 | # Disable potentially problematic features | 
|  | 135 | scripts/config.py unset MBEDTLS_X509_RSASSA_PSS_SUPPORT | 
|  | 136 | scripts/config.py unset MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED | 
|  | 137 | scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED | 
|  | 138 | scripts/config.py unset MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED | 
|  | 139 | scripts/config.py unset MBEDTLS_ECP_RESTARTABLE | 
|  | 140 | scripts/config.py unset MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER | 
|  | 141 | else | 
|  | 142 | scripts/config.py crypto_full | 
|  | 143 | scripts/config.py unset MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS | 
|  | 144 | # We need to match the client with MBEDTLS_PSA_CRYPTO_SE_C | 
|  | 145 | scripts/config.py unset MBEDTLS_PSA_CRYPTO_SE_C | 
|  | 146 | # Also ensure MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER not set (to match client) | 
|  | 147 | scripts/config.py unset MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER | 
|  | 148 | fi | 
|  | 149 | } | 
|  | 150 |  | 
|  | 151 | # This is a helper function to be used in psasim builds. It is meant to clean | 
|  | 152 | # up the library's workspace after the server build and before the client | 
|  | 153 | # build. Built libraries (mbedcrypto, mbedx509 and mbedtls) are supposed to be | 
|  | 154 | # already copied to psasim folder at this point. | 
|  | 155 | helper_psasim_cleanup_before_client() { | 
|  | 156 | # Clean up library files | 
|  | 157 | make -C library clean | 
|  | 158 |  | 
|  | 159 | # Restore files that were backup before building library files. This | 
|  | 160 | # includes $CONFIG_H and $CRYPTO_CONFIG_H. | 
|  | 161 | restore_backed_up_files | 
|  | 162 | } | 
|  | 163 |  | 
|  | 164 | # Helper to build the libraries for client/server in PSASIM. If the server is | 
|  | 165 | # being built, then it builds also the final executable. | 
|  | 166 | # There is only 1 mandatory parameter: | 
|  | 167 | # - $1: target which can be "client" or "server" | 
|  | 168 | helper_psasim_build() { | 
|  | 169 | TARGET=$1 | 
|  | 170 | shift | 
|  | 171 | TARGET_LIB=${TARGET}_libs | 
|  | 172 |  | 
|  | 173 | make -C $PSASIM_PATH CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" $TARGET_LIB "$@" | 
|  | 174 |  | 
|  | 175 | # Build also the server application after its libraries have been built. | 
|  | 176 | if [ "$TARGET" == "server" ]; then | 
|  | 177 | make -C $PSASIM_PATH CFLAGS="$ASAN_CFLAGS" LDFLAGS="$ASAN_CFLAGS" test/psa_server | 
|  | 178 | fi | 
|  | 179 | } | 
|  | 180 |  | 
|  | 181 | ################################################################ | 
|  | 182 | #### Configuration helpers | 
|  | 183 | ################################################################ | 
|  | 184 |  | 
|  | 185 | # When called with no parameter this function disables all builtin curves. | 
|  | 186 | # The function optionally accepts 1 parameter: a space-separated list of the | 
|  | 187 | # curves that should be kept enabled. | 
|  | 188 | helper_disable_builtin_curves() { | 
|  | 189 | allowed_list="${1:-}" | 
|  | 190 | scripts/config.py unset-all "MBEDTLS_ECP_DP_[0-9A-Z_a-z]*_ENABLED" | 
|  | 191 |  | 
|  | 192 | for curve in $allowed_list; do | 
|  | 193 | scripts/config.py set $curve | 
|  | 194 | done | 
|  | 195 | } | 
|  | 196 |  | 
|  | 197 | # Helper returning the list of supported elliptic curves from CRYPTO_CONFIG_H, | 
|  | 198 | # without the "PSA_WANT_" prefix. This becomes handy for accelerating curves | 
|  | 199 | # in the following helpers. | 
|  | 200 | helper_get_psa_curve_list () { | 
|  | 201 | loc_list="" | 
|  | 202 | for item in $(sed -n 's/^#define PSA_WANT_\(ECC_[0-9A-Z_a-z]*\).*/\1/p' <"$CRYPTO_CONFIG_H"); do | 
|  | 203 | loc_list="$loc_list $item" | 
|  | 204 | done | 
|  | 205 |  | 
|  | 206 | echo "$loc_list" | 
|  | 207 | } | 
|  | 208 |  | 
|  | 209 | # Helper returning the list of supported DH groups from CRYPTO_CONFIG_H, | 
|  | 210 | # without the "PSA_WANT_" prefix. This becomes handy for accelerating DH groups | 
|  | 211 | # in the following helpers. | 
|  | 212 | helper_get_psa_dh_group_list () { | 
|  | 213 | loc_list="" | 
|  | 214 | for item in $(sed -n 's/^#define PSA_WANT_\(DH_RFC7919_[0-9]*\).*/\1/p' <"$CRYPTO_CONFIG_H"); do | 
|  | 215 | loc_list="$loc_list $item" | 
|  | 216 | done | 
|  | 217 |  | 
|  | 218 | echo "$loc_list" | 
|  | 219 | } | 
|  | 220 |  | 
|  | 221 | # Get the list of uncommented PSA_WANT_KEY_TYPE_xxx_ from CRYPTO_CONFIG_H. This | 
|  | 222 | # is useful to easily get a list of key type symbols to accelerate. | 
|  | 223 | # The function accepts a single argument which is the key type: ECC, DH, RSA. | 
|  | 224 | helper_get_psa_key_type_list() { | 
|  | 225 | key_type="$1" | 
|  | 226 | loc_list="" | 
|  | 227 | for item in $(sed -n "s/^#define PSA_WANT_\(KEY_TYPE_${key_type}_[0-9A-Z_a-z]*\).*/\1/p" <"$CRYPTO_CONFIG_H"); do | 
|  | 228 | # Skip DERIVE for elliptic keys since there is no driver dispatch for | 
|  | 229 | # it so it cannot be accelerated. | 
|  | 230 | if [ "$item" != "KEY_TYPE_ECC_KEY_PAIR_DERIVE" ]; then | 
|  | 231 | loc_list="$loc_list $item" | 
|  | 232 | fi | 
|  | 233 | done | 
|  | 234 |  | 
|  | 235 | echo "$loc_list" | 
|  | 236 | } | 
|  | 237 |  | 
|  | 238 | ################################################################ | 
|  | 239 | #### Misc. helpers for components | 
|  | 240 | ################################################################ | 
|  | 241 |  | 
|  | 242 | helper_armc6_build_test() | 
|  | 243 | { | 
|  | 244 | FLAGS="$1" | 
|  | 245 |  | 
|  | 246 | msg "build: ARM Compiler 6 ($FLAGS)" | 
|  | 247 | make clean | 
|  | 248 | ARM_TOOL_VARIANT="ult" CC="$ARMC6_CC" AR="$ARMC6_AR" CFLAGS="$FLAGS" \ | 
|  | 249 | WARNING_CFLAGS='-Werror -xc -std=c99' make lib | 
|  | 250 |  | 
|  | 251 | msg "size: ARM Compiler 6 ($FLAGS)" | 
|  | 252 | "$ARMC6_FROMELF" -z library/*.o | 
| Manuel Pégourié-Gonnard | 7f3d37f | 2024-10-17 09:17:26 +0200 | [diff] [blame] | 253 | if [ -n "${PSA_CORE_PATH}" ]; then | 
| Manuel Pégourié-Gonnard | 36ae06b | 2024-10-01 13:19:04 +0200 | [diff] [blame] | 254 | "$ARMC6_FROMELF" -z ${PSA_CORE_PATH}/*.o | 
|  | 255 | fi | 
| Manuel Pégourié-Gonnard | 7f3d37f | 2024-10-17 09:17:26 +0200 | [diff] [blame] | 256 | if [ -n "${BUILTIN_SRC_PATH}" ]; then | 
| Manuel Pégourié-Gonnard | 36ae06b | 2024-10-01 13:19:04 +0200 | [diff] [blame] | 257 | "$ARMC6_FROMELF" -z ${BUILTIN_SRC_PATH}/*.o | 
|  | 258 | fi | 
|  | 259 | } | 
| Manuel Pégourié-Gonnard | 23fa1b5 | 2024-10-03 12:48:01 +0200 | [diff] [blame] | 260 |  | 
|  | 261 | clang_version() { | 
|  | 262 | if command -v clang > /dev/null ; then | 
|  | 263 | clang --version|grep version|sed -E 's#.*version ([0-9]+).*#\1#' | 
|  | 264 | else | 
|  | 265 | echo 0  # report version 0 for "no clang" | 
|  | 266 | fi | 
|  | 267 | } |